Cryptocurrency Basics and Security Fundamentals

Ever since late in 2017 cryptocurrencies have been a hot topic – especially within the security community because it aligns with many other common interests. As a team VDA has been having some lively discussions around cryptocurrency and so we thought we should share a bit of our knowledge.

A Volatile and Uncertain Market

At the time of writing, one Bitcoin (BTC) is worth ~$10,000 USD, which is down around 45% from the peak prices that were seen around a month ago ($19,000 USD). These fluctuations are huge and a lot of people have made and lost significant amounts of money in this market. The other thing to know is that the cost to transact Bitcoin can be quite high – so jumping in and out of the market, especially with small investments, is potentially very unwise.

Not Just Bitcoin

Bitcoin is like the ‘Kleenex’ of cryptocurrencies – the one your dad has heard of, but not necessarily the most interesting. There are 100+ different “altcoins” out there that are each vying for their own place in the market. But as usual – caveat emptor. While some altcoins were started as a joke and now are worth millions (or even billions!), others were started with much more malicious intent and have since become completely worthless.

Some altcoins show some real promise and innovation. We like the pre-mined ‘proof of stake’ and central banking focus of Ripple (XRP), the anonymity and privacy ideas behind Monero (MUN) and Zcash (ZCH), and the concept of ‘smart contracts’ that is a part of Ethereum (ETH). In the long run, however, it is very hard to say which of these might win out.

Technical Challenges to Cryptocurrencies

Aside from lack of regulation and market volatility, there are certainly other challenges to participating in the Cryptocurrency game and one of them is technical. It’s not easy for the average person to get into buying or trading coins. Even just the wallets that are used to ‘store’ the cryptocurrencies can be complicated to set up and can be immature / unvetted software. Generally altcoin wallets may not really be considered ready for prime time.

Aside from the technical challenges with wallets, buying, selling, and trading have their own challenges to overcome. There has been growth in the area of cryptocurrency exchanges, such as Coinbase, which make it easier to buy some of the most well known currencies (Bitcoin, Ethereum, and Litecoin) directly with normal cash, but working with altcoins can be much more challenging. That’s where services like Shapeshift.io come in – this is a service you can use to convert from one currency to another.

Cryptocurrency Wallet Security Struggles

Lastly an often overlooked area of importance is security up and down the cryptocurrency ecosystem. The core Bitcoin protocols and software seems to be secure enough, however the different applications and services involved may be a completely different story. All of these are juicy targets for hackers because stealing something digital, that is in some ways intentionally very difficult to trace, is really an ideal crime!

Exchanges and ICO Security Issues

The other area where cryptocurrencies are vulnerable to theft is when using online wallets along with services like coin exchanges etc. This all got an early start in 2014 when the first major Bitcoin exchange, Mt. Gox, was hacked for a sum of over $450M of customer Bitcoin, but unfortunately the security landscape hasn’t gotten substantially better – just this week currency exchange Coincheck was hacked for over $530M USD worth of coins in what might have been the biggest hack of cryptocurrency yet.

Lastly it’s also worth mentioning the more recent phenomenon of the ICO. An ICO is an “Initial Coin Offering” and can be the launch of a new crypto currency, or a venture that is raising money similarly to an IPO, but using crypto currencies instead. These are definitely something to be wary of because there are ample opportunities for attack and scams. One example is the Coindash ICO where their ICO website itself was hacked and the funds were stolen, and another thing to look out for are ICO “pump and dump” scams where a group tries to pump up the price of a coin just to sell it off once other investors have piled on. Pump and dump scams have recently caught the attention of the feds as they have gotten out of hand.

What have we learned?

Like all really new technology there is a period where it takes time to adjust and the cryptocurrency ecosystem is still maturing in many ways. If you are interested in owning or trading cryptocurrencies, VDA recommends that you spend the time necessary to analyze the risks involved at every level of the process, not just the risk in the value fluctuation of the coins themselves. Do a real security checkup when it comes to protecting your assets. In some ways you will be like your own bank – and think of what banks do to protect their money!